Nicolas Cantu
0637f9e76b
**Motivations:** - Deploy failed on proxy: long Bearer token map_hash; unknown http2 directive. **Root causes:** - openssl rand -hex 32 exceeds default map_hash_bucket_size. - Proxy nginx older than http2 on; listen 443 ssl http2 is portable. **Correctifs:** - Prepend map_hash_bucket_size 256 to generated maps and bearer example. - Replace http2 on with listen 443 ssl http2. - README troubleshooting for map_hash. **Evolutions:** - N/A. **Pages affectées:** - deploy/nginx/deploy-ia-enso-to-proxy.sh - deploy/nginx/http-maps/ia-enso-ollama-bearer.map.conf.example - deploy/nginx/sites/ia.enso.4nkweb.com.conf - deploy/nginx/README-ia-enso.md
15 lines
636 B
Plaintext
15 lines
636 B
Plaintext
# Install on the proxy inside `http { ... }` (before any server that uses $ia_enso_ollama_authorized):
|
|
# include /etc/nginx/http-maps/ia-enso-ollama-bearer.map.conf;
|
|
#
|
|
# Copy this file without the .example suffix, set a long random Bearer secret (ASCII, no double quotes).
|
|
# Cursor / OpenAI-compatible clients: Base URL .../ollama/v1 and API Key = same secret (no "Bearer " prefix).
|
|
#
|
|
# Required for long Bearer strings (e.g. hex tokens); omit only if nginx already sets this in http {}.
|
|
|
|
map_hash_bucket_size 256;
|
|
|
|
map $http_authorization $ia_enso_ollama_authorized {
|
|
default 0;
|
|
"Bearer CHANGE_ME_TO_LONG_RANDOM_SECRET" 1;
|
|
}
|